EulerOS Virtualization 2.10.1 : grub2 (EulerOS-SA-2022-2883)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to...

Open vSwitch 缓冲区错误漏洞

Open vSwitch is an open source virtual switch. Open vSwitch suffers from a buffer error vulnerability that stems from allowing an attacker to achieve integer underflow in its specific TLV...

RHEL 9 : kpatch-patch (RHSA-2022:9082)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:9082 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

Scientific Linux Security Update : grub2 on SL7.x x86_64 (2022:8900)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:8900-1 advisory. - grub2: Integer underflow in grubnetrecvip4packets CVE-2022-28733 Note that Nessus has not tested for this issue but has instead relied only on the...

Important: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Schneider Electric Modicon Integer Underflow (CVE-2022-37301)

A CWE-191: Integer Underflow Wrap or Wraparound vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU part numbers BMXP34V3.40 and prior, Modicon M580 CPU part numbers BME...

RHEL 8 : kernel (RHSA-2022:8767)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8767 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: openvswitch: integer underflow leads to...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

SUSE: Security Advisory (SUSE-SU-2022:4302-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:4302-1 Security update for grub2

This update for grub2 fixes the following issues: Security Fixes: - CVE-2022-2601: Fixed buffer overflow in grubfontconstructglyph bsc1205178. - CVE-2022-3775: Fixed integer underflow in blitcomb bsc1205182. Other: - Bump upstream SBAT generation to 3 - Fix unreadable filesystem with xfs v4...

SUSE: Security Advisory (SUSE-SU-2022:4218-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...